VYPR
Vendor

Norton

Products
13
CVEs
14
Across products
16
Status
Private

Products

13

Recent CVEs

14
  • CVE-2025-58074HigMay 4, 2026
    risk 0.57cvss 8.8epss 0.00

    A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.

  • CVE-2017-13676HigSep 28, 2017
    risk 0.46cvss 7.0epss 0.00

    Norton Remove & Reinstall can be susceptible to a DLL preloading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will…

  • CVE-2017-15534MedMar 26, 2018
    risk 0.44cvss 6.7epss 0.00

    The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access.

  • CVE-2017-15528LowNov 22, 2017
    risk 0.24cvss 3.7epss 0.01

    Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target.

  • CVE-2022-4294Jan 10, 2023
    risk 0.00cvss epss 0.00

    Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an…

  • CVE-2022-28795Apr 12, 2022
    risk 0.00cvss epss 0.01

    A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically. An…

  • CVE-2008-5427Dec 11, 2008
    risk 0.00cvss epss 0.02

    Norton Antivirus in Norton Internet Security 15.5.0.23 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service…

  • CVE-2007-5829Nov 5, 2007
    risk 0.00cvss epss 0.00

    The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges…

  • CVE-2002-2206Dec 31, 2002
    risk 0.00cvss epss 0.02

    The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.

  • CVE-2001-1099Sep 7, 2001
    risk 0.00cvss epss 0.03

    The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.

  • CVE-2000-0793Oct 20, 2000
    risk 0.00cvss epss 0.02

    Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.

  • CVE-2000-0478Jun 14, 2000
    risk 0.00cvss epss 0.02

    In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.

  • CVE-2000-0477Jun 14, 2000
    risk 0.00cvss epss 0.03

    Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.

  • CVE-1999-1323Apr 9, 1999
    risk 0.00cvss epss 0.00

    Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.